Solved

Active Directory change default common name CN

Posted on 2006-06-29
9
3,370 Views
Last Modified: 2011-09-20
In Windows 2003 AD, the user object field "Full Name" sets the CN (common name) and displayName among some other things.

In my domain we like to have the display name as "last name, first name" -- so that's what is in the Full Name box.

Unfortunately, that also makes the CN the same thing.  I need the CN to be the same as the user logon name which is "first initial last name".

Does anyone know how I can change directly or separate the CN from the Full Name field?

Thanks
0
Comment
Question by:ipmcinc
  • 7
  • 2
9 Comments
 
LVL 26

Expert Comment

by:Pber
ID: 17013186
Load adsi edit
Connect to the configuration container
Then CN=displayspecifiers
then CN=409 for english (this might be specifig to your region)
then CN=Users-Display and right click and properties
Then go to the attribute createDialog
Change the value to:

%<i>%<givenName>

this will change new users, existing users you will have to do a rename to fix (I think).
0
 
LVL 26

Expert Comment

by:Pber
ID: 17013229
Also check out this article

http://www.computerperformance.co.uk/exchange2003/exchange2003_GAL_custom_display.htm#Custom%20Display%20Names

You can use ADmodify to change the existing accounts.
0
 
LVL 26

Expert Comment

by:Pber
ID: 17013292
Sorry I was a bit off on the syntax

Use this instead:

%1<givenName>%<sn>

0
 
LVL 26

Expert Comment

by:Pber
ID: 17013322
Note this method will change the way your users show up in the GAL which might be bad.  You might be able to do a ADmodify to just change the CN.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:ipmcinc
ID: 17013410
Do you know how to change what the default CN is?

Currently the default CN is whatever the Full Name is; which is last name, first name ( i.e. smith, john)

When I add new users in the future, I want the default CN to be whatever the Logon Name is; which is first initial last name (i.e. jsmith)

Thanks!
0
 
LVL 26

Expert Comment

by:Pber
ID: 17013442
The above method will do just that...

Ours is set to:
%<sn>, %<givenName>

All of our users CN's are:
CN=lastname\, firstname, Ou=blahblahblah
0
 
LVL 26

Accepted Solution

by:
Pber earned 500 total points
ID: 17013581
After playing with this in the lab, it doesn't look like you can use partials.  

On an exchange recipient policy you can do something like %1g%i%s@email.com

See: http://support.microsoft.com/kb/250455/en-us

Apparently you can't with this.  You'd have to do the fullname lastname

%<givenName>%<sn>
0
 

Author Comment

by:ipmcinc
ID: 17013615
If I change CN=Users-Display, I believe that would change the display name.  I don't want to change the display name.

I want to change the "Full Name" field
0
 
LVL 26

Expert Comment

by:Pber
ID: 17013673
When I change the settings in the lab and click apply and start creating a new user, it immediately starts filling in the Fullname field in the format that is specified by the createDialog
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now